From c4f4d8d8504edf44f04ef31abf24ce1bacef20ba Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Tue, 17 Jul 2012 12:25:16 -0700 Subject: [PATCH] Added Administration over SSL link --- WordPress-Security-Tips.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WordPress-Security-Tips.md b/WordPress-Security-Tips.md index bc205cd..b07765e 100644 --- a/WordPress-Security-Tips.md +++ b/WordPress-Security-Tips.md @@ -40,9 +40,9 @@ Every time WordPress is installed or updated a file called readme.html is includ WordPress and plugin authors are constantly fixing bugs and security issues within their code and releasing new versions. At the time of writing only [21.5%](http://wordpress.org/about/stats/) of WordPress blogs are running the latest version. -11. Login over HTTPS. +11. Administration over SSL. -The wp-login.php file is often accessed over un-encrypted channels such as HTTP. By ensuring the connection is encrypted when you submit your login credentials you reduce the risk of Man In The Middle (MITM) attacks. +The wp-login.php file is often accessed over un-encrypted channels such as HTTP. By ensuring the connection is encrypted when you submit your login credentials you reduce the risk of Man In The Middle (MITM) attacks. For further information see: [http://codex.wordpress.org/Administration_Over_SSL](http://codex.wordpress.org/Administration_Over_SSL) 12. Use unprivileged database user for non-admin functionality. (needs some WP modification)
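Review bot: In item 11, the new heading "Administration over SSL" promises more than the paragraph under it delivers, since the body still only discusses wp-login.php and the moment credentials are submitted. Consider adding a sentence saying that the rest of the administration area should be served over the encrypted connection as well, so the session that follows the login is covered too and the text matches both the heading and the title of the linked Codex page. Two smaller points: the commit subject mentions only the added link although the heading is renamed as well, and the added sentence ends with a bare URL and no closing full stop, unlike the sentences before it.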